from the maybe-someone-who-understands-tech dept

After an apparently, technically clueless judge ruled last week that WiFi is not a radio communication, and thus suggested Google's collection of open WiFi data represents illegal wiretapping, Google has asked for an immediate appeal on that point, noting that "reasonable judges could disagree," and that fighting a whole trial on other points wouldn't make sense if another court says WiFi is, in fact, a radio communication and, thus, an open WiFi network is not subject to wiretap laws.

from the it-shouldn't-be... dept

In the consolidated cases against Google for intercepting some unencrypted data passing over open WiFi networks as part of its Street View operation, the judge is now looking to determine if basic packet sniffing is the equivalent of an illegal wiretap. Google, and one would imagine, most people who understand the technology, are arguing that's silly. The nature of WiFi is that it takes the unencrypted bits and makes them wide open to anyone on that network. That's how the technology is designed. If you don't like it, you encrypt. Arguing, retroactively, that seeing the data that is put in the open on purpose is somehow an illegal wiretap seems silly, but that's what the case hinges on. Hopefully, the judge is either technologically savvy enough to understand this, or can be well educated in the nature of how an open WiFi network works... Otherwise, a lot of people may be facing wiretapping charges for activity that many people consider perfectly normal on a network.

from the unintended-consequences... dept

The unfortunate, if not surprising, news story making the rounds today is that the feds in the US are looking to pass new laws to legally require a wiretap backdoor in every kind of internet communication offering. Yes, you read that right. If there's any way to communicate online, the US government is demanding the right to be able to wiretap it. Any company that doesn't comply will face fines. This despite the long history of the US government massively abusing its wiretapping privileges repeatedly throughout history.

And, yes, this would supposedly apply to non-US communications services as well:

Foreign-based providers that do business inside the United States must install a domestic office capable of performing intercepts.

Yeah, that'll go over well. It's difficult to see how this is any different than foreign governments demanding access to others' communications as well. It's pretty ridiculous for President Obama to talk about open internet principles to the UN, while cooking this up at the same time. Pushing for this also means that the US will have no excuse when the governments of Iran, China and elsewhere also demand backdoors into all US-based communications.

And, really, that's the biggest problem with this law. Beyond the inevitable privacy violations by the feds, putting backdoors into communications technologies guarantees that those backdoors will be used by others (outside of the federal government) to snoop on communications. The FBI and the NSA (who are pushing for this) are being totally and completely naive if they think that they're the only ones who will use this. We've pointed out in the past how large scale surveillance systems mean large scale security risks, and this is no different. We showed how a similar surveillance system in Greece was hacked into to spy on government officials. US officials should be aware that they're opening themselves up to these same potential risks.

And, the simple fact is: this won't help and it won't matter. The people who really want to communicate secretly will still use tools to communicate secretly. The feds are (once again) being naive to think that such tools won't exist and won't be widely known and widely utilized. Instead, all this will do is open up everyone else to abuse of the system by other governments, organized crime, people with malicious intent and (of course) the US government.

from the i-may-or-may-not-be-recording-this dept

While there have been a lot of concerns lately about efforts to misuse "wiretapping" laws that forbid any recordings of people without their knowledge, it appears at least a few courts are recognizing how silly that is. Yet another court has now said that secretly recording a conversation -- in this case with an iPhone -- is okay, assuming there was no crime committed with the recording, and the recording was for a legitimate purpose. As the court noted:

"The defendant must have the intent to use the illicit recording to commit a tort of crime beyond the act of recording itself."

That makes sense. The act of recording alone, shouldn't be a criminal act, as it really depends on what is being done with the recording. And, in an age where not only is recording everything easier, but for some becoming standard, requiring permission to record all audio seems like an outdated concept.

from the good-for-him dept

We've noted recently that police and the courts have been regularly abusing wiretap laws to arrest people who are videotaping or recording police, claiming that they're violating two-party consent laws. The most famous case, of course, is the motorcycle rider with a helmet cam, who is facing jailtime for recording an off-duty, ununiformed police officer who jumped out of his car with his gun drawn. These situations are clearly not what such laws are designed to protect. Instead, it appears that the police are using them to intimidate and block people from legally recording police activity in public places.

from the not-so-secret-any-more dept

One of the benefits of Skype was that, due to the way it works (P2P, encrypted communications), it made it much more difficult to do any sort of wiretap. This has upset various governments who are used to having the ability to wiretap any voice communications. However, it's never impossible. The most obvious way is to simply create some sort of trojan that gets installed on one user's computer that has audio recording abilities -- and Symantec is going around hyping up the fact that source code for just such a trojan has been released. Of course, even Symantec admits that there's no evidence of the code actually being used in the wild -- it seems more like a proof-of-concept. On top of that, it's hardly a new idea. Nearly a year ago, we talked about how German authorities were accused of using something that sounded quite similar. Still, it is a good reminder that even if you're using an encrypted Skype call, at either end of that call, the audio is decrypted, and a well-placed recording system can capture it.

from the beep-boop-bop-beep-beep-beep-beep dept

While there are still arguments over the legality of the government's warrantless wiretap program, apparently there's been a separate court case looking at whether or not a warrant is needed if the authorities are just listening to your touchtone dialing, rather than the contents of the call itself. The feds felt that if it was just the touchtone beeps, then they didn't need any warrant at all -- but a court has now shot that theory down. The feds tried to claim that such data was not "content" which would trigger the need for a warrant -- but considering that with today's touchtone IVR systems, such data could include passwords, PINs, social security numbers and other private data, it seems perfectly reasonable to suggest a warrant is necessary.

from the protection-of-sources dept

An interesting and important ruling came out of the UK last week, as a journalist had a lawsuit against her thrown out by a judge, because it appears that much of the evidence came from police wiretapping her phone conversations with a source in the police department. The judge ruled that journalists have a right to protect their sources, and the police wiretaps were illegal. I'm not familiar enough with UK wiretapping laws to know if they needed a court's approval for the wiretap in the first place -- but on the whole this seems like a reasonable decision, as the case itself was quite troublesome. Basically, it sounded like the police wanted to plug leaks from within the department, and then bugged the journalist to find out who the leaker was, and with that info charged both the source and the journalist. That certainly seems like an abuse of police power to try to prevent future leaks, so it's good to see the court dismiss the whole thing.

from the because-they're-so-trustworthy dept

The FBI, which still can't even get its own computer network working properly, would rather just have more widespread access to spy on the computer network everyone else uses: the internet. Talking to Congress today, the FBI proposed a few different things, including the right to more widely spy on internet activity as well as legislation to force ISPs to retain log file data for an extended period of time. While the Congressional reps in attendance seemed to respond by saying "sure, sounds great" to both of these suggestion, both should actually be looked at much more closely.

More freedom to spy on internet usage potentially violates the 4th Amendment as well as federal wiretap laws. Given the evidence that the FBI has widely abused its ability to wiretap, this should be a major concern. As for data retention, problems with such an idea have been chronicled for years. It tends to put a tremendous expense on ISPs for no real reason -- and it tends to make it even harder to find the type of data authorities actually need to deal with criminal activities. If you're in the FBI, it's no surprise that you'd want both things in place, but that hardly means Congress should roll over and give them to the FBI.

from the ethically-challenged dept

The MPAA has been pushing the courts to force TorrentSpy to spy on its users -- something TorrentSpy refuses to do, noting that it would break their own privacy policy and is simply ethically questionable. It should come as no surprise, of course, that the MPAA has no such qualms. In fact, it came out today that the MPAA had, in fact, been snooping through TorrentSpy's executives' emails. So, which organization looks more ethically challenged? This stems from a case TorrentSpy filed last year, after finding out that a former co-worker gave the MPAA access to TorrentSpy emails. While a court has found that the MPAA's actions did not violate wiretap laws, it's still pretty questionable. What appears to have happened, is that a former TorrentSpy employee who had access to the company's email system set it up so all executives' emails also forwarded to a gmail account he owned. He then sold access to that gmail account to people at the MPAA. Clearly, the MPAA knew that the TorrentSpy execs thought these emails were private, and yet they still eagerly paid up for access to them, which is really sleazy. TorrentSpy is appealing the case, but they'd probably have a much stronger case against the former employee who set up the email forwarding system in the first place.